Wiper malware has another form that recently hit Ukrainian organizations, according to ESE researchers. The new variant dubbed "CaddyWiper" was focused on exploiting the system's information by removing all of its data and programs.

CaddyWiper Malware Detected in Ukrainian Network

(Photo : FLY:D from Unsplash)
ESET researchers discovered that a new form of wiper malware has attacked some Ukrainian organizations.

ZDNET wrote on its March 15 report that ESET Research Labs analysts uncovered the activity of the mysterious wiper malware. According to the researchers, this dangerous threat is deployed to hit networks via Twitter.

For weeks, the experts discovered the third wiper in a few organizations based in Ukraine. This time, the CaddyWiper posed a huge threat to its victims by erasing any data in hard drives and other outlets.

While this new malware is notorious for its destructive capabilities, ESET said that CaddyWiper could not remove information on domain controllers.

For instance, the threat actors have spread CaddyWiper to the GPOs or Group Policy Objects of Microsoft. This could mean that before the deployment of this malware, the attackers have already infiltrated the Active Directory service of the company.

Related Article: Ukraine Fights Cyberattacks Amidst Russian Invasion: Government Websites Under DDoS Attack

CaddyWiper Has No 'Significant' Code Similarities With Other Variants

Earlier this month, ESET spotted that IsaacWiper and HermeticWizard had been invading a network of the Ukrainian government. While these two wiper malware feature "data-destroying" capabilities, the code for the CaddyWiper is not similar to them.

Apart from that, the experts saw the destructive attacks launched by HermeticRansom and HermeticWiper.

To mitigate the cyberattacks amid the Ukraine crisis, the Computer Emergency Response Team for Ukraine (CERT-UA) urged all the organizations to report to them if they encounter the new wiper.

The first time we heard about wiper malware this year was back in January when Microsoft issued a warning. This took place before Russia attacked Ukraine.

Prior to the crisis, the latter had experienced several cases of DDoS (Distributed Denial-of-Service) attacks that targeted the government establishments.

How to Stay Protected Against Wiper Malware

MakeUseOf wrote some tips on how you can protect yourself against wiper malware. The tech site advised the people to update their malware protection tool. It also included that users should educate other people regarding cyberattacks.

To make sure that you can recover your files after the attack, don't forget to conduct regular backups for support. You need to patch the existing OS of your device and update their software to the latest. These steps will help you to prevent this malware at all costs.

The European continent experienced a massive internet outage following a wide-scale cyberattack that attacked some countries in other news. The exploitation caused 5,800 wind turbines to go offline as a result.

It should be noted that the affected residents are living in Germany, Italy, France, Poland, Hungary, and Greece. This occurred amid the continuous attacks on Ukraine.

Read Also: Ukraine DDoS Cyberattack: Suspects Russia and May Ignite Tensions Between Them

This article is owned by Tech Times

Written by Joseph Henry